package com.ptma.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

import com.ptma.dao.UserDetailsServiceDao;
import com.ptma.security.LoginHandler;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

	@Autowired
	public void registerGlobalAuthentication(AuthenticationManagerBuilder auth)
			throws Exception {
		auth.userDetailsService(new UserDetailsServiceDao());
	}

	@Override
	public void configure(WebSecurity web) throws Exception {
		web.ignoring().antMatchers("/resources/**");
	}

	@Override
	protected void configure(HttpSecurity http) throws Exception {

		http.authorizeRequests().antMatchers("/secure/**").authenticated()
				.antMatchers("/**").permitAll().and().formLogin()
				.loginPage("/login.html")
				.defaultSuccessUrl("/secure/fileUpload.html")
				.failureUrl("/login.html?error=true")
				.loginProcessingUrl("/j_spring_security_check")
				.successHandler(new LoginHandler())
				.failureHandler(new LoginHandler()).and().logout().and()
				.rememberMe().userDetailsService(new UserDetailsServiceDao());

	}
}
